Yeah, the tests at the virus bulletin are near useless. Almost all the AVs ever tested, pass with 100%...
Another great detection rate test is here:
http://www.av-comparatives.org/
They use 150k malwares in the tests.
In these tests, KAV gest 99.5% of everything overall, and nod32 gets 91-95% depending on which set you take.
They also have tests, which attempt to test the strength of the heurists. In these, nod32 gets 70%, (best of any!), and KAV gets 50%. Many others fall to 0-4%, and nod and kav are the best.
Kaspersky really does update their pattern server hourly! You can set your AV to update as frequently as that if you want. 3 hours is default.
In my view, scanning and finding a threat on you disk, is the booby prize.
What you want is an AV that scans every email, and every script, active-x, java applet, IE toolbar, or helper objects, and so on, and block execution of any malware, before it can run. Block it long before any software even thinks of writing it to a disk!
It seems like nod32's http and pop3 scanning accomplishes this, no?
I am not clear on KAV's approach, though they seem to have tightly integated into IE, and flash an icon in the status bar, every page. I know their next version - 6 - in beta now, is supposed to include http scanning.
Seems like nod32's imon module will equally protect firefox and IE, as well as pop3 email clients, right?
Still, it is hard to beat KAV's 99.5% and hourly updates. They have an extended threat database you can use as well.
I am awaiting the answers to some questions like this, from the Kaspersky folks.
Don
Another great detection rate test is here:
http://www.av-comparatives.org/
They use 150k malwares in the tests.
In these tests, KAV gest 99.5% of everything overall, and nod32 gets 91-95% depending on which set you take.
They also have tests, which attempt to test the strength of the heurists. In these, nod32 gets 70%, (best of any!), and KAV gets 50%. Many others fall to 0-4%, and nod and kav are the best.
Kaspersky really does update their pattern server hourly! You can set your AV to update as frequently as that if you want. 3 hours is default.
In my view, scanning and finding a threat on you disk, is the booby prize.
What you want is an AV that scans every email, and every script, active-x, java applet, IE toolbar, or helper objects, and so on, and block execution of any malware, before it can run. Block it long before any software even thinks of writing it to a disk!
It seems like nod32's http and pop3 scanning accomplishes this, no?
I am not clear on KAV's approach, though they seem to have tightly integated into IE, and flash an icon in the status bar, every page. I know their next version - 6 - in beta now, is supposed to include http scanning.
Seems like nod32's imon module will equally protect firefox and IE, as well as pop3 email clients, right?
Still, it is hard to beat KAV's 99.5% and hourly updates. They have an extended threat database you can use as well.
I am awaiting the answers to some questions like this, from the Kaspersky folks.
Don